SocialHub.AI
Compliance · Trust & Security

GDPR

SocialHub.AI is built to support your GDPR obligations and ours — lawful processing, data-subject rights, consent, processor terms, and breach response. As your processor, we provide the tooling and contractual terms to help you meet the regulation.

How we support each obligation

The key obligations, and how the platform helps you meet them.

Lawful, transparent processing (Art. 5–6)

  • Processing is tied to a documented purpose and legal basis, recorded in our Records of Processing Activities.
  • Data minimization is built in: personal data is masked and redacted wherever it is not needed.

Consent (Art. 7)

  • Consent is versioned with an append-only evidence trail (what, when, which policy version).
  • Marketing consent is separate from membership, and withdrawal is honored at send time across every channel.

Data-subject rights (Art. 15–22)

  • Access & portability: a structured export of a member's personal data with an honest coverage manifest.
  • Rectification: members and admins can correct data directly.
  • Erasure: a right-to-be-forgotten flow that removes personal data, not just a status flag.
  • Objection & opt-out: marketing objection and Global Privacy Control are honored and persisted.

Privacy by design & default (Art. 25)

  • Privacy-protective defaults, consent enforcement, and pervasive redaction.
  • An optional opt-in collection mode for jurisdictions that require prior consent for behavioral data.

Processors & transfers (Art. 28, 44+)

  • A maintained subprocessor list and data-processing agreements with our vendors.
  • Data-residency options and transfer safeguards for EU/UK customer data.

Security & breach response (Art. 32–34)

  • Encryption, access control, and audit logging protect personal data.
  • A documented incident-response process with regulator and data-subject notification timelines.

GDPR does not offer a certification; compliance is demonstrated through records, contracts, and processes. A Data Processing Agreement is available for customers.

Need a DPA or have a question?

Our team can provide our Data Processing Agreement and subprocessor list, and answer your data-protection questions.

Contact Us